django-admin-react 1.4.12__tar.gz → 1.5.0__tar.gz

{django_admin_react-1.4.12 → django_admin_react-1.5.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: django-admin-react
-Version: 1.4.12
+Version: 1.5.0
 Summary: A drop-in React single-page admin for Django, driven entirely by ModelAdmin.
 License: MIT
 License-File: LICENSE
@@ -10,6 +10,7 @@ Requires-Python: >=3.10,<4.0
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Environment :: Web Environment
 Classifier: Framework :: Django
+Classifier: Framework :: Django :: 4.2
 Classifier: Framework :: Django :: 5.0
 Classifier: Framework :: Django :: 5.1
 Classifier: Framework :: Django :: 5.2
@@ -25,9 +26,9 @@ Classifier: Programming Language :: Python :: 3.13
 Classifier: Programming Language :: Python :: 3.14
 Classifier: Topic :: Internet :: WWW/HTTP :: Site Management
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
-Requires-Dist: django (>=5.0,<7.0)
-Requires-Dist: django-admin-mcp-api (>=1.0.0,<2.0.0)
-Requires-Dist: django-admin-rest-api (>=1.0.6,<2.0.0)
+Requires-Dist: django (>=4.2,<7.0)
+Requires-Dist: django-admin-mcp-api (>=1.1.0,<2.0.0)
+Requires-Dist: django-admin-rest-api (>=1.1.0,<2.0.0)
 Project-URL: Documentation, https://github.com/MartinCastroAlvarez/django-admin-react#readme
 Project-URL: Homepage, https://github.com/MartinCastroAlvarez/django-admin-react
 Project-URL: Repository, https://github.com/MartinCastroAlvarez/django-admin-react
@@ -190,9 +191,12 @@ DJANGO_ADMIN_REACT = {
     "BRAND_LOGO_URL": None,     # str | None — favicon + sidebar logo;
                                 # falls back to AdminSite.site_logo. Absolute
                                 # URL or a path under your STATIC_URL.
-    "PRIMARY_COLOR": "#2563eb", # accent for primary buttons, links, and
-                                # active states. Hex only (validated);
-                                # injected as the --dar-primary CSS var, so
+    "PRIMARY_COLOR": None,      # accent for primary buttons, links, and
+                                # active states (#437 / #631). Hex only
+                                # (validated). None → reads
+                                # `site_primary_color` off your AdminSite;
+                                # fallback default is "#2563eb". Injected
+                                # as the --dar-primary CSS var, so
                                 # rebranding needs no React rebuild.
 
     # Auth + API mount
@@ -247,10 +251,39 @@ Both values are written into the SPA index template as standard
 reads them at boot, so the first paint already carries the consumer's
 brand. No flash of the package's defaults.
 
+#### Accent colour (`PRIMARY_COLOR` + `AdminSite.site_primary_color`)
+
+`PRIMARY_COLOR` defaults to `None` so a custom `AdminSite` subclass can
+own the brand colour the same way it owns `site_header` / `site_logo`
+(#631). Resolution order — explicit setting wins, AdminSite is the
+structural default, built-in fallback last:
+
+1. `DJANGO_ADMIN_REACT["PRIMARY_COLOR"]` — explicit per-deployment override.
+2. `<your AdminSite>.site_primary_color` — convention attribute on your
+   custom `AdminSite` subclass (Django has no such attribute by default;
+   add it as a constant alongside `site_header` / `site_logo`).
+3. `"#2563eb"` — the package's last-resort fallback.
+
+Every layer runs through a strict hex-colour regex (`#rgb` / `#rgba` /
+`#rrggbb` / `#rrggbbaa`) before being injected into the SPA's `<style>`
+block, so a non-hex value at any layer falls through to the next — CSS
+injection is impossible at any source.
+
+```python
+# myproject/admin.py
+from django.contrib.admin import AdminSite
+
+class AcmeAdminSite(AdminSite):
+    site_header = "Acme"
+    site_title = "Acme Admin"
+    site_logo = "/static/acme/logo.svg"
+    site_primary_color = "#10b981"   # emerald — used by legacy admin AND the SPA
+```
+
 ### Requirements
 
 - **Python**: 3.10+
-- **Django**: 5.0, 5.1, 5.2, 6.0 (and any later 6.x)
+- **Django**: 4.2 LTS, 5.0, 5.1, 5.2 LTS, 6.0 (and any later 6.x)
 - **Database**: anything Django supports — the package is ORM-only,
   no direct SQL.
 - **Auth**: Django's built-in session + CSRF. Works with custom
@@ -620,7 +653,9 @@ all share the v1 wire contract. Per-feature live status below.
 | `date_hierarchy`                                       | ✅                                                              |
 | `list_editable` + bulk PATCH                           | ✅                                                              |
 | `actions` — batch + detail (signature-classified)      | ✅                                                              |
-| `autocomplete_fields` / `raw_id_fields`                | ✅                                                              |
+| `autocomplete_fields`                                  | ✅                                                              |
+| `raw_id_fields` (pk text input + lookup popup)         | 🟡 [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) (API emits the hint; SPA still renders autocomplete) |
+| `radio_fields` (inline radio buttons vs `<select>`)    | 🟡 [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) (API emits the hint; SPA still renders dropdown) |
 | `ManyToManyField` read + write                         | ✅                                                              |
 | `inlines` (TabularInline / StackedInline) — read + write | ✅                                                            |
 | `FileField` / `ImageField` — read                      | ✅                                                              |
@@ -636,6 +671,121 @@ all share the v1 wire contract. Per-feature live status below.
 
 ✅ = shipped. 🟡 = not yet built (tracked).
 
+### Stock-Django `ModelAdmin` hooks that do NOT carry through to the SPA
+
+The SPA renders from the JSON wire — it never sees the consumer's
+Django HTML templates, custom widgets, or `get_urls()` views. The
+hooks below are stock-Django extension points the SPA cannot honour
+today; if your admin uses any of them, the surface behaves
+differently on the SPA than on the legacy `/admin/`. Tracking
+issues link the work to close each gap.
+
+| Stock-Django hook | SPA behaviour | Tracked |
+|---|---|---|
+| `change_form_template` / `change_list_template` / `add_form_template` / `change_password_template` / `object_history_template` overrides | Silently ignored — the SPA renders entirely from the JSON wire. | [#624](https://github.com/MartinCastroAlvarez/django-admin-react/issues/624) |
+| `formfield_overrides = {Field: {"widget": CustomWidget}}` | Custom widget invisible — the SPA picks its own control from the field's `type`. No React-side widget-registration API yet. | [#625](https://github.com/MartinCastroAlvarez/django-admin-react/issues/625) |
+| `raw_id_fields` | Falls back to the autocomplete picker (same as `autocomplete_fields`). Defeats the purpose for FKs with 10M+ rows where autocomplete `get_search_results` is too expensive. | [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) |
+| `radio_fields = {"status": admin.HORIZONTAL}` | Renders a `<select>` (default choice control) instead of inline radio buttons. | [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) |
+| `filter_horizontal` / `filter_vertical` (M2M shuttle widget) | Renders the generic multi-select checkbox list, not Django's two-pane shuttle. Switch the field to `autocomplete_fields` for a workable SPA UX. | [#627](https://github.com/MartinCastroAlvarez/django-admin-react/issues/627) |
+| `GenericForeignKey` / `GenericInlineModelAdmin` | Support gap — verify per-model before relying on the SPA. | [#628](https://github.com/MartinCastroAlvarez/django-admin-react/issues/628) |
+| `LANGUAGE_CODE` / `gettext` / `Accept-Language` | The SPA chrome stays English; translated `verbose_name` / `help_text` / `@admin.action(description=_("..."))` are not surfaced per-request. | [#630](https://github.com/MartinCastroAlvarez/django-admin-react/issues/630) |
+| `ModelAdmin.get_urls()` custom views | Opens as a popout (`<a target="_blank">`) into the Django-rendered HTML page — no SPA chrome, no breadcrumb. The link IS surfaced; the UX is just outside the SPA. | [#623](https://github.com/MartinCastroAlvarez/django-admin-react/issues/623) |
+| Django 4.2 LTS support | Not yet — the package pins `django >= 5.0,<7.0`. | [#622](https://github.com/MartinCastroAlvarez/django-admin-react/issues/622) |
+
+If your admin relies on any "silently ignored" hook above, the
+typical workaround is to keep that model on the legacy
+`/admin/` surface via the
+[experience-toggle strip](#experience-toggle-strip-optional) — the
+SPA + legacy admin happily coexist.
+
+---
+
+## Writing safe `list_display` callables
+
+This applies on **both** the legacy `/admin/` and the SPA — but the
+SPA renders any `format_html` / `mark_safe` value via React's
+`dangerouslySetInnerHTML`, so misuse is reflected XSS the same way
+the legacy admin would be.
+
+**Do not** interpolate user-controlled data into a `mark_safe(...)`
+string. The whole point of `mark_safe` is "I have already escaped
+this," and `f"<span>{obj.user_input}</span>"` has not — so a
+`user_input` of `<script>alert(1)</script>` runs.
+
+```python
+# WRONG — copy-paste-from-StackOverflow XSS hazard.
+@admin.display(description="Status")
+def status_badge(self, obj):
+    return mark_safe(f'<span class="badge">{obj.user_input}</span>')
+
+# RIGHT — format_html auto-escapes every interpolated arg.
+@admin.display(description="Status")
+def status_badge(self, obj):
+    return format_html('<span class="badge">{}</span>', obj.user_input)
+```
+
+Same rule for `readonly_fields` callables. See
+[#633](https://github.com/MartinCastroAlvarez/django-admin-react/issues/633)
+for the optional defense-in-depth `STRICT_HTML` setting tracking
+issue (bleach-clean every rendered HTML value with a tight allow-list).
+
+---
+
+## Hardening
+
+### Brute-force defense on `/api/v1/login/`
+
+The package's React login endpoint (`<mount>/api/v1/login/`) reuses
+Django's session auth, so the canonical brute-force defenses work
+unchanged. The recommended layer is
+[`django-axes`](https://pypi.org/project/django-axes/):
+
+```python
+# settings.py
+INSTALLED_APPS = [..., "axes", "django_admin_react", "django_admin_rest_api"]
+
+AUTHENTICATION_BACKENDS = [
+    "axes.backends.AxesStandaloneBackend",
+    "django.contrib.auth.backends.ModelBackend",
+]
+MIDDLEWARE = [..., "axes.middleware.AxesMiddleware"]
+
+AXES_FAILURE_LIMIT = 5
+AXES_COOLOFF_TIME = 1  # hour
+```
+
+Axes intercepts via `AUTHENTICATION_BACKENDS`, not URL middleware, so
+lockouts apply to both the legacy admin login and the SPA's JSON
+login automatically. Tracked: [#634](https://github.com/MartinCastroAlvarez/django-admin-react/issues/634).
+
+### Mounting the API on a different origin (CORS + cookies)
+
+`DJANGO_ADMIN_REACT["API_URL_PREFIX"]` lets the SPA point at a
+separately-mounted REST API — e.g. SPA at `admin.example.com`
+talking to an API at `api.example.com`. The session-cookie auth
+across origins needs three settings configured together; if any
+one is missing, every API call silently 401s after login.
+
+```python
+# settings.py — required when SPA and API are on different origins.
+SESSION_COOKIE_SAMESITE = "None"   # default "Lax" drops cookies cross-origin
+SESSION_COOKIE_SECURE = True       # required by browsers when SameSite=None
+CSRF_COOKIE_SAMESITE = "None"
+CSRF_COOKIE_SECURE = True
+
+# pip install django-cors-headers
+INSTALLED_APPS = [..., "corsheaders", ...]
+MIDDLEWARE = ["corsheaders.middleware.CorsMiddleware", ...]
+
+CORS_ALLOW_CREDENTIALS = True
+CORS_ALLOWED_ORIGINS = ["https://admin.example.com"]   # NEVER "*" with credentials
+CSRF_TRUSTED_ORIGINS = ["https://admin.example.com"]
+```
+
+The SPA's HTTP client already sends `credentials: "include"`, so no
+frontend change is needed — only the Django-side cookie + CORS
+config above. Tracked: [#635](https://github.com/MartinCastroAlvarez/django-admin-react/issues/635).
+
 ---
 
 ## The API surface

{django_admin_react-1.4.12 → django_admin_react-1.5.0}/README.md

@@ -155,9 +155,12 @@ DJANGO_ADMIN_REACT = {
     "BRAND_LOGO_URL": None,     # str | None — favicon + sidebar logo;
                                 # falls back to AdminSite.site_logo. Absolute
                                 # URL or a path under your STATIC_URL.
-    "PRIMARY_COLOR": "#2563eb", # accent for primary buttons, links, and
-                                # active states. Hex only (validated);
-                                # injected as the --dar-primary CSS var, so
+    "PRIMARY_COLOR": None,      # accent for primary buttons, links, and
+                                # active states (#437 / #631). Hex only
+                                # (validated). None → reads
+                                # `site_primary_color` off your AdminSite;
+                                # fallback default is "#2563eb". Injected
+                                # as the --dar-primary CSS var, so
                                 # rebranding needs no React rebuild.
 
     # Auth + API mount
@@ -212,10 +215,39 @@ Both values are written into the SPA index template as standard
 reads them at boot, so the first paint already carries the consumer's
 brand. No flash of the package's defaults.
 
+#### Accent colour (`PRIMARY_COLOR` + `AdminSite.site_primary_color`)
+
+`PRIMARY_COLOR` defaults to `None` so a custom `AdminSite` subclass can
+own the brand colour the same way it owns `site_header` / `site_logo`
+(#631). Resolution order — explicit setting wins, AdminSite is the
+structural default, built-in fallback last:
+
+1. `DJANGO_ADMIN_REACT["PRIMARY_COLOR"]` — explicit per-deployment override.
+2. `<your AdminSite>.site_primary_color` — convention attribute on your
+   custom `AdminSite` subclass (Django has no such attribute by default;
+   add it as a constant alongside `site_header` / `site_logo`).
+3. `"#2563eb"` — the package's last-resort fallback.
+
+Every layer runs through a strict hex-colour regex (`#rgb` / `#rgba` /
+`#rrggbb` / `#rrggbbaa`) before being injected into the SPA's `<style>`
+block, so a non-hex value at any layer falls through to the next — CSS
+injection is impossible at any source.
+
+```python
+# myproject/admin.py
+from django.contrib.admin import AdminSite
+
+class AcmeAdminSite(AdminSite):
+    site_header = "Acme"
+    site_title = "Acme Admin"
+    site_logo = "/static/acme/logo.svg"
+    site_primary_color = "#10b981"   # emerald — used by legacy admin AND the SPA
+```
+
 ### Requirements
 
 - **Python**: 3.10+
-- **Django**: 5.0, 5.1, 5.2, 6.0 (and any later 6.x)
+- **Django**: 4.2 LTS, 5.0, 5.1, 5.2 LTS, 6.0 (and any later 6.x)
 - **Database**: anything Django supports — the package is ORM-only,
   no direct SQL.
 - **Auth**: Django's built-in session + CSRF. Works with custom
@@ -585,7 +617,9 @@ all share the v1 wire contract. Per-feature live status below.
 | `date_hierarchy`                                       | ✅                                                              |
 | `list_editable` + bulk PATCH                           | ✅                                                              |
 | `actions` — batch + detail (signature-classified)      | ✅                                                              |
-| `autocomplete_fields` / `raw_id_fields`                | ✅                                                              |
+| `autocomplete_fields`                                  | ✅                                                              |
+| `raw_id_fields` (pk text input + lookup popup)         | 🟡 [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) (API emits the hint; SPA still renders autocomplete) |
+| `radio_fields` (inline radio buttons vs `<select>`)    | 🟡 [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) (API emits the hint; SPA still renders dropdown) |
 | `ManyToManyField` read + write                         | ✅                                                              |
 | `inlines` (TabularInline / StackedInline) — read + write | ✅                                                            |
 | `FileField` / `ImageField` — read                      | ✅                                                              |
@@ -601,6 +635,121 @@ all share the v1 wire contract. Per-feature live status below.
 
 ✅ = shipped. 🟡 = not yet built (tracked).
 
+### Stock-Django `ModelAdmin` hooks that do NOT carry through to the SPA
+
+The SPA renders from the JSON wire — it never sees the consumer's
+Django HTML templates, custom widgets, or `get_urls()` views. The
+hooks below are stock-Django extension points the SPA cannot honour
+today; if your admin uses any of them, the surface behaves
+differently on the SPA than on the legacy `/admin/`. Tracking
+issues link the work to close each gap.
+
+| Stock-Django hook | SPA behaviour | Tracked |
+|---|---|---|
+| `change_form_template` / `change_list_template` / `add_form_template` / `change_password_template` / `object_history_template` overrides | Silently ignored — the SPA renders entirely from the JSON wire. | [#624](https://github.com/MartinCastroAlvarez/django-admin-react/issues/624) |
+| `formfield_overrides = {Field: {"widget": CustomWidget}}` | Custom widget invisible — the SPA picks its own control from the field's `type`. No React-side widget-registration API yet. | [#625](https://github.com/MartinCastroAlvarez/django-admin-react/issues/625) |
+| `raw_id_fields` | Falls back to the autocomplete picker (same as `autocomplete_fields`). Defeats the purpose for FKs with 10M+ rows where autocomplete `get_search_results` is too expensive. | [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) |
+| `radio_fields = {"status": admin.HORIZONTAL}` | Renders a `<select>` (default choice control) instead of inline radio buttons. | [#626](https://github.com/MartinCastroAlvarez/django-admin-react/issues/626) |
+| `filter_horizontal` / `filter_vertical` (M2M shuttle widget) | Renders the generic multi-select checkbox list, not Django's two-pane shuttle. Switch the field to `autocomplete_fields` for a workable SPA UX. | [#627](https://github.com/MartinCastroAlvarez/django-admin-react/issues/627) |
+| `GenericForeignKey` / `GenericInlineModelAdmin` | Support gap — verify per-model before relying on the SPA. | [#628](https://github.com/MartinCastroAlvarez/django-admin-react/issues/628) |
+| `LANGUAGE_CODE` / `gettext` / `Accept-Language` | The SPA chrome stays English; translated `verbose_name` / `help_text` / `@admin.action(description=_("..."))` are not surfaced per-request. | [#630](https://github.com/MartinCastroAlvarez/django-admin-react/issues/630) |
+| `ModelAdmin.get_urls()` custom views | Opens as a popout (`<a target="_blank">`) into the Django-rendered HTML page — no SPA chrome, no breadcrumb. The link IS surfaced; the UX is just outside the SPA. | [#623](https://github.com/MartinCastroAlvarez/django-admin-react/issues/623) |
+| Django 4.2 LTS support | Not yet — the package pins `django >= 5.0,<7.0`. | [#622](https://github.com/MartinCastroAlvarez/django-admin-react/issues/622) |
+
+If your admin relies on any "silently ignored" hook above, the
+typical workaround is to keep that model on the legacy
+`/admin/` surface via the
+[experience-toggle strip](#experience-toggle-strip-optional) — the
+SPA + legacy admin happily coexist.
+
+---
+
+## Writing safe `list_display` callables
+
+This applies on **both** the legacy `/admin/` and the SPA — but the
+SPA renders any `format_html` / `mark_safe` value via React's
+`dangerouslySetInnerHTML`, so misuse is reflected XSS the same way
+the legacy admin would be.
+
+**Do not** interpolate user-controlled data into a `mark_safe(...)`
+string. The whole point of `mark_safe` is "I have already escaped
+this," and `f"<span>{obj.user_input}</span>"` has not — so a
+`user_input` of `<script>alert(1)</script>` runs.
+
+```python
+# WRONG — copy-paste-from-StackOverflow XSS hazard.
+@admin.display(description="Status")
+def status_badge(self, obj):
+    return mark_safe(f'<span class="badge">{obj.user_input}</span>')
+
+# RIGHT — format_html auto-escapes every interpolated arg.
+@admin.display(description="Status")
+def status_badge(self, obj):
+    return format_html('<span class="badge">{}</span>', obj.user_input)
+```
+
+Same rule for `readonly_fields` callables. See
+[#633](https://github.com/MartinCastroAlvarez/django-admin-react/issues/633)
+for the optional defense-in-depth `STRICT_HTML` setting tracking
+issue (bleach-clean every rendered HTML value with a tight allow-list).
+
+---
+
+## Hardening
+
+### Brute-force defense on `/api/v1/login/`
+
+The package's React login endpoint (`<mount>/api/v1/login/`) reuses
+Django's session auth, so the canonical brute-force defenses work
+unchanged. The recommended layer is
+[`django-axes`](https://pypi.org/project/django-axes/):
+
+```python
+# settings.py
+INSTALLED_APPS = [..., "axes", "django_admin_react", "django_admin_rest_api"]
+
+AUTHENTICATION_BACKENDS = [
+    "axes.backends.AxesStandaloneBackend",
+    "django.contrib.auth.backends.ModelBackend",
+]
+MIDDLEWARE = [..., "axes.middleware.AxesMiddleware"]
+
+AXES_FAILURE_LIMIT = 5
+AXES_COOLOFF_TIME = 1  # hour
+```
+
+Axes intercepts via `AUTHENTICATION_BACKENDS`, not URL middleware, so
+lockouts apply to both the legacy admin login and the SPA's JSON
+login automatically. Tracked: [#634](https://github.com/MartinCastroAlvarez/django-admin-react/issues/634).
+
+### Mounting the API on a different origin (CORS + cookies)
+
+`DJANGO_ADMIN_REACT["API_URL_PREFIX"]` lets the SPA point at a
+separately-mounted REST API — e.g. SPA at `admin.example.com`
+talking to an API at `api.example.com`. The session-cookie auth
+across origins needs three settings configured together; if any
+one is missing, every API call silently 401s after login.
+
+```python
+# settings.py — required when SPA and API are on different origins.
+SESSION_COOKIE_SAMESITE = "None"   # default "Lax" drops cookies cross-origin
+SESSION_COOKIE_SECURE = True       # required by browsers when SameSite=None
+CSRF_COOKIE_SAMESITE = "None"
+CSRF_COOKIE_SECURE = True
+
+# pip install django-cors-headers
+INSTALLED_APPS = [..., "corsheaders", ...]
+MIDDLEWARE = ["corsheaders.middleware.CorsMiddleware", ...]
+
+CORS_ALLOW_CREDENTIALS = True
+CORS_ALLOWED_ORIGINS = ["https://admin.example.com"]   # NEVER "*" with credentials
+CSRF_TRUSTED_ORIGINS = ["https://admin.example.com"]
+```
+
+The SPA's HTTP client already sends `credentials: "include"`, so no
+frontend change is needed — only the Django-side cookie + CORS
+config above. Tracked: [#635](https://github.com/MartinCastroAlvarez/django-admin-react/issues/635).
+
 ---
 
 ## The API surface

{django_admin_react-1.4.12 → django_admin_react-1.5.0}/django_admin_react/conf.py

@@ -20,6 +20,12 @@ from typing import Any
 
 from django.conf import settings as django_settings
 
+# Built-in fallback for the ``--dar-primary`` accent color when the
+# consumer hasn't set ``PRIMARY_COLOR`` AND their ``AdminSite`` has no
+# ``site_primary_color`` attribute. Re-exported so ``views.py`` can
+# pick up the same constant instead of stringifying its own.
+DEFAULT_PRIMARY_COLOR = "#2563eb"
+
 DEFAULTS: dict[str, Any] = {
     "ADMIN_SITE": "django.contrib.admin.site",
     # The list page size derives from the model's
@@ -59,9 +65,16 @@ DEFAULTS: dict[str, Any] = {
     # ``--dar-primary`` CSS variable so a consumer can brand the admin with
     # no React rebuild. Must be a hex color (``#rgb`` / ``#rgba`` /
     # ``#rrggbb`` / ``#rrggbbaa``); anything else is rejected at render and
-    # falls back to this default, since the value is written into a
-    # ``<style>`` block and must not be able to inject CSS.
-    "PRIMARY_COLOR": "#2563eb",
+    # falls back to ``DEFAULT_PRIMARY_COLOR`` below, since the value is
+    # written into a ``<style>`` block and must not be able to inject CSS.
+    #
+    # ``None`` (default) means "consumer didn't explicitly set this" — the
+    # SPA reads ``site_primary_color`` off the configured ``AdminSite``
+    # next, then falls back to ``DEFAULT_PRIMARY_COLOR``. Mirrors
+    # ``BRAND_TITLE`` / ``BRAND_LOGO_URL``: setting wins as the
+    # per-deployment override, AdminSite attr is the structural default,
+    # built-in default last (#631).
+    "PRIMARY_COLOR": None,
     # ``REACT_LOGIN`` — React-rendered login is the **default** so the
     # SPA fully replaces the Django admin URL surface end-to-end (owner
     # directive 2026-05-28). ``SpaIndexView`` serves the React shell to
@@ -149,7 +162,7 @@ class _PackageSettings:
     ENABLE_PROFILING: bool = DEFAULTS["ENABLE_PROFILING"]
     BRAND_TITLE: str | None = DEFAULTS["BRAND_TITLE"]
     BRAND_LOGO_URL: str | None = DEFAULTS["BRAND_LOGO_URL"]
-    PRIMARY_COLOR: str = DEFAULTS["PRIMARY_COLOR"]
+    PRIMARY_COLOR: str | None = DEFAULTS["PRIMARY_COLOR"]
     REACT_LOGIN: bool = DEFAULTS["REACT_LOGIN"]
     API_URL_PREFIX: str | None = DEFAULTS["API_URL_PREFIX"]
     LEGACY_ADMIN_URL_PREFIX: str | None = DEFAULTS["LEGACY_ADMIN_URL_PREFIX"]

{django_admin_react-1.4.12 → django_admin_react-1.5.0}/django_admin_react/static/admin_react/.vite/manifest.json

@@ -1,6 +1,6 @@
 {
   "../../packages/details/src/JsonViewer.tsx": {
-    "file": "assets/JsonViewer-B0UvsOqx.js",
+    "file": "assets/JsonViewer-DkeJkG12.js",
     "name": "JsonViewer",
     "src": "../../packages/details/src/JsonViewer.tsx",
     "isDynamicEntry": true,
@@ -9,7 +9,7 @@
     ]
   },
   "index.html": {
-    "file": "assets/index-C3ZSD987.js",
+    "file": "assets/index-CGh8t5dj.js",
     "name": "index",
     "src": "index.html",
     "isEntry": true,
@@ -18,11 +18,11 @@
       "src/ColumnLayoutModal.tsx"
     ],
     "css": [
-      "assets/index-DRQ2gAuA.css"
+      "assets/index-CpxUkcdm.css"
     ]
   },
   "src/ColumnLayoutModal.tsx": {
-    "file": "assets/ColumnLayoutModal-CLIzQjlm.js",
+    "file": "assets/ColumnLayoutModal-Bqf6vN1j.js",
     "name": "ColumnLayoutModal",
     "src": "src/ColumnLayoutModal.tsx",
     "isDynamicEntry": true,

django_admin_react-1.4.12/django_admin_react/static/admin_react/assets/ColumnLayoutModal-CLIzQjlm.js → django_admin_react-1.5.0/django_admin_react/static/admin_react/assets/ColumnLayoutModal-Bqf6vN1j.js

@@ -1,4 +1,4 @@
-import{c as tt,d as c,R as $,r as ke,j as I,M as kn,b as On,a as Jt}from"./index-C3ZSD987.js";const Tn=[["circle",{cx:"9",cy:"12",r:"1",key:"1vctgf"}],["circle",{cx:"9",cy:"5",r:"1",key:"hp0tcf"}],["circle",{cx:"9",cy:"19",r:"1",key:"fkjjf6"}],["circle",{cx:"15",cy:"12",r:"1",key:"1tmaij"}],["circle",{cx:"15",cy:"5",r:"1",key:"19l28e"}],["circle",{cx:"15",cy:"19",r:"1",key:"f4zoj3"}]],Qt=tt("grip-vertical",Tn);const Ln=[["rect",{width:"18",height:"11",x:"3",y:"11",rx:"2",ry:"2",key:"1w4ew1"}],["path",{d:"M7 11V7a5 5 0 0 1 9.9-1",key:"1mm8w8"}]],jn=tt("lock-open",Ln);const zn=[["rect",{width:"18",height:"11",x:"3",y:"11",rx:"2",ry:"2",key:"1w4ew1"}],["path",{d:"M7 11V7a5 5 0 0 1 10 0v4",key:"fwvmzm"}]],jt=tt("lock",zn);const $n=[["path",{d:"M3 12a9 9 0 1 0 9-9 9.75 9.75 0 0 0-6.74 2.74L3 8",key:"1357e3"}],["path",{d:"M3 3v5h5",key:"1xhq8a"}]],Bn=tt("rotate-ccw",$n);function Pn(){for(var e=arguments.length,t=new Array(e),n=0;n<e;n++)t[n]=arguments[n];return c.useMemo(()=>r=>{t.forEach(o=>o(r))},t)}const nt=typeof window<"u"&&typeof window.document<"u"&&typeof window.document.createElement<"u";function xe(e){const t=Object.prototype.toString.call(e);return t==="[object Window]"||t==="[object global]"}function mt(e){return"nodeType"in e}function B(e){var t,n;return e?xe(e)?e:mt(e)&&(t=(n=e.ownerDocument)==null?void 0:n.defaultView)!=null?t:window:window}function yt(e){const{Document:t}=B(e);return e instanceof t}function Pe(e){return xe(e)?!1:e instanceof B(e).HTMLElement}function Zt(e){return e instanceof B(e).SVGElement}function we(e){return e?xe(e)?e.document:mt(e)?yt(e)?e:Pe(e)||Zt(e)?e.ownerDocument:document:document:document}const Z=nt?c.useLayoutEffect:c.useEffect;function xt(e){const t=c.useRef(e);return Z(()=>{t.current=e}),c.useCallback(function(){for(var n=arguments.length,r=new Array(n),o=0;o<n;o++)r[o]=arguments[o];return t.current==null?void 0:t.current(...r)},[])}function Fn(){const e=c.useRef(null),t=c.useCallback((r,o)=>{e.current=setInterval(r,o)},[]),n=c.useCallback(()=>{e.current!==null&&(clearInterval(e.current),e.current=null)},[]);return[t,n]}function je(e,t){t===void 0&&(t=[e]);const n=c.useRef(e);return Z(()=>{n.current!==e&&(n.current=e)},t),n}function Fe(e,t){const n=c.useRef();return c.useMemo(()=>{const r=e(n.current);return n.current=r,r},[...t])}function Je(e){const t=xt(e),n=c.useRef(null),r=c.useCallback(o=>{o!==n.current&&t?.(o,n.current),n.current=o},[]);return[n,r]}function ht(e){const t=c.useRef();return c.useEffect(()=>{t.current=e},[e]),t.current}let lt={};function Xe(e,t){return c.useMemo(()=>{if(t)return t;const n=lt[e]==null?0:lt[e]+1;return lt[e]=n,e+"-"+n},[e,t])}function en(e){return function(t){for(var n=arguments.length,r=new Array(n>1?n-1:0),o=1;o<n;o++)r[o-1]=arguments[o];return r.reduce((i,s)=>{const a=Object.entries(s);for(const[l,u]of a){const f=i[l];f!=null&&(i[l]=f+e*u)}return i},{...t})}}const ye=en(1),ze=en(-1);function Xn(e){return"clientX"in e&&"clientY"in e}function wt(e){if(!e)return!1;const{KeyboardEvent:t}=B(e.target);return t&&e instanceof t}function Un(e){if(!e)return!1;const{TouchEvent:t}=B(e.target);return t&&e instanceof t}function gt(e){if(Un(e)){if(e.touches&&e.touches.length){const{clientX:t,clientY:n}=e.touches[0];return{x:t,y:n}}else if(e.changedTouches&&e.changedTouches.length){const{clientX:t,clientY:n}=e.changedTouches[0];return{x:t,y:n}}}return Xn(e)?{x:e.clientX,y:e.clientY}:null}const $e=Object.freeze({Translate:{toString(e){if(!e)return;const{x:t,y:n}=e;return"translate3d("+(t?Math.round(t):0)+"px, "+(n?Math.round(n):0)+"px, 0)"}},Scale:{toString(e){if(!e)return;const{scaleX:t,scaleY:n}=e;return"scaleX("+t+") scaleY("+n+")"}},Transform:{toString(e){if(e)return[$e.Translate.toString(e),$e.Scale.toString(e)].join(" ")}},Transition:{toString(e){let{property:t,duration:n,easing:r}=e;return t+" "+n+"ms "+r}}}),zt="a,frame,iframe,input:not([type=hidden]):not(:disabled),select:not(:disabled),textarea:not(:disabled),button:not(:disabled),*[tabindex]";function Yn(e){return e.matches(zt)?e:e.querySelector(zt)}const Wn={display:"none"};function Vn(e){let{id:t,value:n}=e;return $.createElement("div",{id:t,style:Wn},n)}function Hn(e){let{id:t,announcement:n,ariaLiveType:r="assertive"}=e;const o={position:"fixed",top:0,left:0,width:1,height:1,margin:-1,border:0,padding:0,overflow:"hidden",clip:"rect(0 0 0 0)",clipPath:"inset(100%)",whiteSpace:"nowrap"};return $.createElement("div",{id:t,style:o,role:"status","aria-live":r,"aria-atomic":!0},n)}function Kn(){const[e,t]=c.useState("");return{announce:c.useCallback(r=>{r!=null&&t(r)},[]),announcement:e}}const tn=c.createContext(null);function _n(e){const t=c.useContext(tn);c.useEffect(()=>{if(!t)throw new Error("useDndMonitor must be used within a children of <DndContext>");return t(e)},[e,t])}function qn(){const[e]=c.useState(()=>new Set),t=c.useCallback(r=>(e.add(r),()=>e.delete(r)),[e]);return[c.useCallback(r=>{let{type:o,event:i}=r;e.forEach(s=>{var a;return(a=s[o])==null?void 0:a.call(s,i)})},[e]),t]}const Gn={draggable:`
+import{c as tt,d as c,R as $,r as ke,j as I,M as kn,b as On,a as Jt}from"./index-CGh8t5dj.js";const Tn=[["circle",{cx:"9",cy:"12",r:"1",key:"1vctgf"}],["circle",{cx:"9",cy:"5",r:"1",key:"hp0tcf"}],["circle",{cx:"9",cy:"19",r:"1",key:"fkjjf6"}],["circle",{cx:"15",cy:"12",r:"1",key:"1tmaij"}],["circle",{cx:"15",cy:"5",r:"1",key:"19l28e"}],["circle",{cx:"15",cy:"19",r:"1",key:"f4zoj3"}]],Qt=tt("grip-vertical",Tn);const Ln=[["rect",{width:"18",height:"11",x:"3",y:"11",rx:"2",ry:"2",key:"1w4ew1"}],["path",{d:"M7 11V7a5 5 0 0 1 9.9-1",key:"1mm8w8"}]],jn=tt("lock-open",Ln);const zn=[["rect",{width:"18",height:"11",x:"3",y:"11",rx:"2",ry:"2",key:"1w4ew1"}],["path",{d:"M7 11V7a5 5 0 0 1 10 0v4",key:"fwvmzm"}]],jt=tt("lock",zn);const $n=[["path",{d:"M3 12a9 9 0 1 0 9-9 9.75 9.75 0 0 0-6.74 2.74L3 8",key:"1357e3"}],["path",{d:"M3 3v5h5",key:"1xhq8a"}]],Bn=tt("rotate-ccw",$n);function Pn(){for(var e=arguments.length,t=new Array(e),n=0;n<e;n++)t[n]=arguments[n];return c.useMemo(()=>r=>{t.forEach(o=>o(r))},t)}const nt=typeof window<"u"&&typeof window.document<"u"&&typeof window.document.createElement<"u";function xe(e){const t=Object.prototype.toString.call(e);return t==="[object Window]"||t==="[object global]"}function mt(e){return"nodeType"in e}function B(e){var t,n;return e?xe(e)?e:mt(e)&&(t=(n=e.ownerDocument)==null?void 0:n.defaultView)!=null?t:window:window}function yt(e){const{Document:t}=B(e);return e instanceof t}function Pe(e){return xe(e)?!1:e instanceof B(e).HTMLElement}function Zt(e){return e instanceof B(e).SVGElement}function we(e){return e?xe(e)?e.document:mt(e)?yt(e)?e:Pe(e)||Zt(e)?e.ownerDocument:document:document:document}const Z=nt?c.useLayoutEffect:c.useEffect;function xt(e){const t=c.useRef(e);return Z(()=>{t.current=e}),c.useCallback(function(){for(var n=arguments.length,r=new Array(n),o=0;o<n;o++)r[o]=arguments[o];return t.current==null?void 0:t.current(...r)},[])}function Fn(){const e=c.useRef(null),t=c.useCallback((r,o)=>{e.current=setInterval(r,o)},[]),n=c.useCallback(()=>{e.current!==null&&(clearInterval(e.current),e.current=null)},[]);return[t,n]}function je(e,t){t===void 0&&(t=[e]);const n=c.useRef(e);return Z(()=>{n.current!==e&&(n.current=e)},t),n}function Fe(e,t){const n=c.useRef();return c.useMemo(()=>{const r=e(n.current);return n.current=r,r},[...t])}function Je(e){const t=xt(e),n=c.useRef(null),r=c.useCallback(o=>{o!==n.current&&t?.(o,n.current),n.current=o},[]);return[n,r]}function ht(e){const t=c.useRef();return c.useEffect(()=>{t.current=e},[e]),t.current}let lt={};function Xe(e,t){return c.useMemo(()=>{if(t)return t;const n=lt[e]==null?0:lt[e]+1;return lt[e]=n,e+"-"+n},[e,t])}function en(e){return function(t){for(var n=arguments.length,r=new Array(n>1?n-1:0),o=1;o<n;o++)r[o-1]=arguments[o];return r.reduce((i,s)=>{const a=Object.entries(s);for(const[l,u]of a){const f=i[l];f!=null&&(i[l]=f+e*u)}return i},{...t})}}const ye=en(1),ze=en(-1);function Xn(e){return"clientX"in e&&"clientY"in e}function wt(e){if(!e)return!1;const{KeyboardEvent:t}=B(e.target);return t&&e instanceof t}function Un(e){if(!e)return!1;const{TouchEvent:t}=B(e.target);return t&&e instanceof t}function gt(e){if(Un(e)){if(e.touches&&e.touches.length){const{clientX:t,clientY:n}=e.touches[0];return{x:t,y:n}}else if(e.changedTouches&&e.changedTouches.length){const{clientX:t,clientY:n}=e.changedTouches[0];return{x:t,y:n}}}return Xn(e)?{x:e.clientX,y:e.clientY}:null}const $e=Object.freeze({Translate:{toString(e){if(!e)return;const{x:t,y:n}=e;return"translate3d("+(t?Math.round(t):0)+"px, "+(n?Math.round(n):0)+"px, 0)"}},Scale:{toString(e){if(!e)return;const{scaleX:t,scaleY:n}=e;return"scaleX("+t+") scaleY("+n+")"}},Transform:{toString(e){if(e)return[$e.Translate.toString(e),$e.Scale.toString(e)].join(" ")}},Transition:{toString(e){let{property:t,duration:n,easing:r}=e;return t+" "+n+"ms "+r}}}),zt="a,frame,iframe,input:not([type=hidden]):not(:disabled),select:not(:disabled),textarea:not(:disabled),button:not(:disabled),*[tabindex]";function Yn(e){return e.matches(zt)?e:e.querySelector(zt)}const Wn={display:"none"};function Vn(e){let{id:t,value:n}=e;return $.createElement("div",{id:t,style:Wn},n)}function Hn(e){let{id:t,announcement:n,ariaLiveType:r="assertive"}=e;const o={position:"fixed",top:0,left:0,width:1,height:1,margin:-1,border:0,padding:0,overflow:"hidden",clip:"rect(0 0 0 0)",clipPath:"inset(100%)",whiteSpace:"nowrap"};return $.createElement("div",{id:t,style:o,role:"status","aria-live":r,"aria-atomic":!0},n)}function Kn(){const[e,t]=c.useState("");return{announce:c.useCallback(r=>{r!=null&&t(r)},[]),announcement:e}}const tn=c.createContext(null);function _n(e){const t=c.useContext(tn);c.useEffect(()=>{if(!t)throw new Error("useDndMonitor must be used within a children of <DndContext>");return t(e)},[e,t])}function qn(){const[e]=c.useState(()=>new Set),t=c.useCallback(r=>(e.add(r),()=>e.delete(r)),[e]);return[c.useCallback(r=>{let{type:o,event:i}=r;e.forEach(s=>{var a;return(a=s[o])==null?void 0:a.call(s,i)})},[e]),t]}const Gn={draggable:`
     To pick up a draggable item, press the space bar.
     While dragging, use the arrow keys to move the item.
     Press space again to drop the item in its new position, or press escape to cancel.

django_admin_react-1.4.12/django_admin_react/static/admin_react/assets/JsonViewer-B0UvsOqx.js → django_admin_react-1.5.0/django_admin_react/static/admin_react/assets/JsonViewer-DkeJkG12.js

@@ -1 +1 @@
-import{c as d,d as l,j as e,C as h}from"./index-C3ZSD987.js";const p=[["path",{d:"m9 18 6-6-6-6",key:"mthhwq"}]],g=d("chevron-right",p);const y=[["rect",{width:"14",height:"14",x:"8",y:"8",rx:"2",ry:"2",key:"17jyea"}],["path",{d:"M4 16c-1.1 0-2-.9-2-2V4c0-1.1.9-2 2-2h10c1.1 0 2 .9 2 2",key:"zix9uf"}]],j=d("copy",y);function N({raw:t,parsed:r}){const[s,c]=l.useState(!1);async function a(){try{await navigator.clipboard.writeText(t),c(!0),setTimeout(()=>c(!1),2e3)}catch{}}return e.jsxs("div",{className:"relative w-full overflow-x-auto rounded border border-gray-200 bg-gray-50 p-3 font-mono text-xs leading-relaxed text-gray-800 dark:border-gray-700 dark:bg-gray-900 dark:text-gray-200",children:[e.jsx("button",{type:"button",onClick:a,"aria-label":"Copy JSON",title:s?"Copied":"Copy",className:"absolute right-2 top-2 inline-flex h-6 w-6 items-center justify-center rounded border border-gray-300 bg-white text-gray-600 hover:bg-gray-100 dark:border-gray-600 dark:bg-gray-800 dark:text-gray-300 dark:hover:bg-gray-700",children:s?e.jsx(h,{className:"h-3.5 w-3.5 text-green-600","aria-hidden":!0}):e.jsx(j,{className:"h-3.5 w-3.5","aria-hidden":!0})}),e.jsx(o,{value:r,depth:0})]})}function o({value:t,depth:r}){return t===null?e.jsx("span",{className:"text-purple-600 dark:text-purple-400",children:"null"}):typeof t=="boolean"?e.jsx("span",{className:"text-purple-600 dark:text-purple-400",children:t?"true":"false"}):typeof t=="number"?e.jsx("span",{className:"text-blue-700",children:String(t)}):typeof t=="string"?e.jsxs("span",{className:"text-green-700 dark:text-green-400",children:['"',t,'"']}):Array.isArray(t)?e.jsx(u,{value:t,depth:r}):typeof t=="object"?e.jsx(m,{value:t,depth:r}):e.jsx("span",{className:"text-gray-500",children:String(t)})}function m({value:t,depth:r}){const s=Object.keys(t),[c,a]=l.useState(r<2);return s.length===0?e.jsx("span",{className:"text-gray-500",children:"{}"}):e.jsx(x,{open:c,onToggle:()=>a(n=>!n),collapsedLabel:`{…} ${s.length} ${s.length===1?"key":"keys"}`,openBracket:"{",closeBracket:"}",depth:r,children:s.map((n,i)=>e.jsxs("div",{className:"pl-4",children:[e.jsxs("span",{className:"text-rose-700 dark:text-rose-400",children:['"',n,'"']}),e.jsx("span",{className:"text-gray-500",children:": "}),e.jsx(o,{value:t[n],depth:r+1}),i<s.length-1?e.jsx("span",{className:"text-gray-500",children:","}):null]},n))})}function u({value:t,depth:r}){const[s,c]=l.useState(r<2);return t.length===0?e.jsx("span",{className:"text-gray-500",children:"[]"}):e.jsx(x,{open:s,onToggle:()=>c(a=>!a),collapsedLabel:`[…] ${t.length} ${t.length===1?"item":"items"}`,openBracket:"[",closeBracket:"]",depth:r,children:t.map((a,n)=>e.jsxs("div",{className:"pl-4",children:[e.jsx(o,{value:a,depth:r+1}),n<t.length-1?e.jsx("span",{className:"text-gray-500",children:","}):null]},n))})}function x({open:t,onToggle:r,collapsedLabel:s,openBracket:c,closeBracket:a,depth:n,children:i}){return e.jsxs("span",{children:[e.jsx("button",{type:"button",onClick:r,"aria-expanded":t,className:"inline-flex items-center align-baseline text-gray-500 hover:text-gray-800 dark:hover:text-gray-200",children:e.jsx(g,{className:`h-3 w-3 shrink-0 transition-transform ${t?"rotate-90":""}`,"aria-hidden":!0})}),e.jsx("span",{className:"text-gray-500",children:c}),t?e.jsxs(e.Fragment,{children:[i,e.jsx("div",{className:n===0?"":"pl-0",children:e.jsx("span",{className:"text-gray-500",children:a})})]}):e.jsxs(e.Fragment,{children:[e.jsx("span",{className:"px-1 text-gray-500",children:s}),e.jsx("span",{className:"text-gray-500",children:a})]})]})}export{N as default};
+import{c as d,d as l,j as e,C as h}from"./index-CGh8t5dj.js";const p=[["path",{d:"m9 18 6-6-6-6",key:"mthhwq"}]],g=d("chevron-right",p);const y=[["rect",{width:"14",height:"14",x:"8",y:"8",rx:"2",ry:"2",key:"17jyea"}],["path",{d:"M4 16c-1.1 0-2-.9-2-2V4c0-1.1.9-2 2-2h10c1.1 0 2 .9 2 2",key:"zix9uf"}]],j=d("copy",y);function N({raw:t,parsed:r}){const[s,c]=l.useState(!1);async function a(){try{await navigator.clipboard.writeText(t),c(!0),setTimeout(()=>c(!1),2e3)}catch{}}return e.jsxs("div",{className:"relative w-full overflow-x-auto rounded border border-gray-200 bg-gray-50 p-3 font-mono text-xs leading-relaxed text-gray-800 dark:border-gray-700 dark:bg-gray-900 dark:text-gray-200",children:[e.jsx("button",{type:"button",onClick:a,"aria-label":"Copy JSON",title:s?"Copied":"Copy",className:"absolute right-2 top-2 inline-flex h-6 w-6 items-center justify-center rounded border border-gray-300 bg-white text-gray-600 hover:bg-gray-100 dark:border-gray-600 dark:bg-gray-800 dark:text-gray-300 dark:hover:bg-gray-700",children:s?e.jsx(h,{className:"h-3.5 w-3.5 text-green-600","aria-hidden":!0}):e.jsx(j,{className:"h-3.5 w-3.5","aria-hidden":!0})}),e.jsx(o,{value:r,depth:0})]})}function o({value:t,depth:r}){return t===null?e.jsx("span",{className:"text-purple-600 dark:text-purple-400",children:"null"}):typeof t=="boolean"?e.jsx("span",{className:"text-purple-600 dark:text-purple-400",children:t?"true":"false"}):typeof t=="number"?e.jsx("span",{className:"text-blue-700",children:String(t)}):typeof t=="string"?e.jsxs("span",{className:"text-green-700 dark:text-green-400",children:['"',t,'"']}):Array.isArray(t)?e.jsx(u,{value:t,depth:r}):typeof t=="object"?e.jsx(m,{value:t,depth:r}):e.jsx("span",{className:"text-gray-500",children:String(t)})}function m({value:t,depth:r}){const s=Object.keys(t),[c,a]=l.useState(r<2);return s.length===0?e.jsx("span",{className:"text-gray-500",children:"{}"}):e.jsx(x,{open:c,onToggle:()=>a(n=>!n),collapsedLabel:`{…} ${s.length} ${s.length===1?"key":"keys"}`,openBracket:"{",closeBracket:"}",depth:r,children:s.map((n,i)=>e.jsxs("div",{className:"pl-4",children:[e.jsxs("span",{className:"text-rose-700 dark:text-rose-400",children:['"',n,'"']}),e.jsx("span",{className:"text-gray-500",children:": "}),e.jsx(o,{value:t[n],depth:r+1}),i<s.length-1?e.jsx("span",{className:"text-gray-500",children:","}):null]},n))})}function u({value:t,depth:r}){const[s,c]=l.useState(r<2);return t.length===0?e.jsx("span",{className:"text-gray-500",children:"[]"}):e.jsx(x,{open:s,onToggle:()=>c(a=>!a),collapsedLabel:`[…] ${t.length} ${t.length===1?"item":"items"}`,openBracket:"[",closeBracket:"]",depth:r,children:t.map((a,n)=>e.jsxs("div",{className:"pl-4",children:[e.jsx(o,{value:a,depth:r+1}),n<t.length-1?e.jsx("span",{className:"text-gray-500",children:","}):null]},n))})}function x({open:t,onToggle:r,collapsedLabel:s,openBracket:c,closeBracket:a,depth:n,children:i}){return e.jsxs("span",{children:[e.jsx("button",{type:"button",onClick:r,"aria-expanded":t,className:"inline-flex items-center align-baseline text-gray-500 hover:text-gray-800 dark:hover:text-gray-200",children:e.jsx(g,{className:`h-3 w-3 shrink-0 transition-transform ${t?"rotate-90":""}`,"aria-hidden":!0})}),e.jsx("span",{className:"text-gray-500",children:c}),t?e.jsxs(e.Fragment,{children:[i,e.jsx("div",{className:n===0?"":"pl-0",children:e.jsx("span",{className:"text-gray-500",children:a})})]}):e.jsxs(e.Fragment,{children:[e.jsx("span",{className:"px-1 text-gray-500",children:s}),e.jsx("span",{className:"text-gray-500",children:a})]})]})}export{N as default};